/*
 * CROSInterceptor.java
 * Copyright 2021 Qunhe Tech, all rights reserved.
 * Qunhe PROPRIETARY/CONFIDENTIAL, any form of usage is subject to approval.
 */

package top.bbman.boot.auth.interceptor;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import top.bbman.boot.logger.LogConstant;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


/**
 * 描述:
 * 解决跨域问题
 *
 * @author wangbei
 * @create 2018-08-10 下午12:55
 */
public class CROSInterceptor implements HandlerInterceptor {

    @Value("${bb-man.auth.head-token-name}")
    private String headTokenName;

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {

    }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        try {
            response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
//            response.setHeader("Access-Control-Allow-Origin", "*");
            response.setHeader("Access-Control-Allow-Credentials", "true");
            response.setHeader("P3P", "CP=CAO PSA OUR");
            if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {
                response.addHeader("Access-Control-Allow-Methods", "POST,GET,PUT,DELETE,TRACE,OPTIONS");
                response.addHeader("Access-Control-Allow-Headers", "Content-Type,Origin,Accept,"+headTokenName);
                response.addHeader("Access-Control-Max-Age", "120");
            }


//            if (checkReferer(referer)) {
//                String origin = getOrigin(referer);
//                if (origin == null) {
//                    origin = "*";
//                }
//                response.setHeader("Access-Control-Allow-Origin", origin);
//                response.setHeader("Access-Control-Allow-Methods", "*");
//                response.setHeader("Access-Control-Max-Age", "3600");
//                response.setHeader("Access-Control-Allow-Headers", "Content-Type,X-Requested-With,ursAuth,origin, ursid, urstoken, dist-token, deviceUdid");
//                response.setHeader("Access-Control-Allow-Credentials", "true");
//            }else {
//                String origin = request.getHeader("Origin");
//                if (checkOrigin(origin) && !isProcessCorsByNginx(request)) {
//                    response.setHeader("Access-Control-Allow-Origin", origin);
//                    response.setHeader("Access-Control-Allow-Methods", "GET,HEAD,POST,PUT,DELETE,TRACE,OPTIONS,PATCH");
//                    response.setHeader("Access-Control-Max-Age", "86400");
//                    response.setHeader("Access-Control-Allow-Headers", "Content-Type,X-Requested-With,ursAuth,origin, ursid, urstoken,  dist-token, deviceUdid");
//                    response.setHeader("Access-Control-Allow-Credentials", "true");
//                }
//            }
        } catch (Exception e) {
            LogConstant.bbManAuth.info("设置CROS信息异常", e);
        }
        return true;
    }
}
